Home Malware Programs Rogue Anti-Spyware Programs PCPrivacy

PCPrivacy

Posted: August 13, 2010

PCPrivacy (or PC Privacy) is a rogue security program which spreads via the Internet by using Trojans and fake online security websites. PCPrivacy is installed on victim computers without the user's approval. It will secretly enter the system before modifying settings and registry entries to have itself run whenever Windows is operating. Once active, computer users may experience constant security alert pop-ups advertising PC Privacy. PCPrivacy runs its own virus scan which detects false threats on the computer to mislead users into getting the licensed version of this useless program. PC Privacy poses a huge security threat to computer safety and should be terminated immediately.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 [%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\PCPrivacyTool unregistered.lnk
    2 [%DESKTOP%]\Install PCPrivacyTool .lnk
    3 [%DESKTOP%]\PCPrivacyTool unregistered.lnk

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\software\pcprivacytoolHKEY_LOCAL_MACHINE\software\pc drive toolHKEY_LOCAL_MACHINE\software\pcprivacytoolHKEY_LOCAL_MACHINE\software\ugdccwHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\ \shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\.exe\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\.lnk\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\clsid\{645ff040-5081-101b-9f08-00aa002f954e}\shell\secure deleteHKEY_CLASSES_ROOT\clsid\{b33de756-deee-4d7a-87db-1d905ba2aa21}HKEY_CLASSES_ROOT\directory\background\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\directory\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\drive\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\exefile\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\folder\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\lnkfile\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\systemfileassociations\directory.audio\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\systemfileassociations\directory.image\shellex\contextmenuhandlers\secure_delHKEY_CLASSES_ROOT\systemfileassociations\directory.video\shellex\contextmenuhandlers\secure_delHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}gdc_is1

Related Posts

Loading...